This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft File: sTSesOfbZTbKeYKWH_rJsykWXF8.mft (raw, json) Hash identifier: iWYtoEHE12pj20A0hwsffD7LMT6CqYyYIqUNIReQv14= Subject key identifier: 8C:D6:4F:4F:6C:F7:55:D2:9C:5C:A2:F4:89:04:98:A1:04:E2:F3:4F Authority key identifier: B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F Certificate issuer: /CN=b1349eb0e7db6536ca7982961ffac9b329165c5f Certificate serial: 019AF0BEF00849DBE8EA2A68A634A67CAE5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft Manifest number: 0415 Signing time: Fri 05 Dec 2025 23:00:36 +0000 Manifest this update: Fri 05 Dec 2025 23:00:36 +0000 Manifest next update: Sat 06 Dec 2025 23:00:36 +0000 Files and hashes: 1: sTSesOfbZTbKeYKWH_rJsykWXF8.crl (hash: t7eaejDotrJRPTQHhWvdmnt6w3WijqVwLgfVU+4OY8I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:be:f0:08:49:db:e8:ea:2a:68:a6:34:a6:7c:ae:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1349eb0e7db6536ca7982961ffac9b329165c5f Validity Not Before: Dec 5 23:00:36 2025 GMT Not After : Dec 6 23:00:36 2025 GMT Subject: CN=8cd64f4f6cf755d29c5ca2f4890498a104e2f34f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:31:ec:df:e9:9d:d0:07:4a:9f:74:ab:47:10: cb:3d:ff:b0:a6:77:0c:0e:52:10:0d:e8:13:e2:8d: f9:b5:37:c6:ea:36:9b:56:d8:59:be:6e:59:d0:25: 05:cc:64:52:f8:f9:a7:65:73:c5:90:ca:92:3d:81: de:e4:ee:67:2f:fc:75:38:00:b4:84:be:21:17:10: 37:b7:19:90:8e:f8:11:20:c5:33:da:c5:a7:de:e1: 4f:a5:f9:ac:eb:bc:09:35:b8:c8:3c:08:34:1a:5c: 69:cb:1e:a9:b0:6f:56:62:3a:12:fb:bc:6f:0f:e9: ed:09:17:be:d9:65:6e:e8:de:62:a2:ec:e8:79:4d: d0:1c:23:77:63:34:fe:a4:2e:dd:8d:17:f3:c7:fb: 16:8a:07:57:db:93:82:8a:8a:46:9b:d7:19:7b:c7: 63:08:0e:f7:c5:31:35:da:72:e8:a5:b8:41:d5:cb: 56:84:d2:a5:f1:5d:33:15:fe:12:e9:2a:7f:4a:13: 7c:80:2d:3f:b8:ac:08:51:e9:2b:54:17:f2:f4:7b: 1f:b0:ae:89:85:a9:47:aa:c7:52:23:84:57:3c:e7: a9:c8:1d:73:ae:1b:e5:ab:fb:54:31:b4:4e:76:6c: ea:d3:6c:61:82:cb:50:14:72:5c:0c:d4:60:65:b6: cd:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D6:4F:4F:6C:F7:55:D2:9C:5C:A2:F4:89:04:98:A1:04:E2:F3:4F X509v3 Authority Key Identifier: keyid:B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:19:bf:99:49:c2:82:a9:26:48:c2:e2:b5:59:66:36:ae:ac: 80:68:7f:75:c6:28:42:25:db:0b:ba:a4:96:ea:d6:28:84:03: 7a:f5:d1:b7:62:30:fe:8d:d6:55:04:49:8e:00:c8:79:0a:2d: e9:90:3e:4a:16:5a:3a:98:4d:45:70:74:fe:1a:77:a0:15:6f: 6b:d6:7e:92:ec:42:85:f2:e7:72:ff:8a:bb:4d:73:6f:ec:d5: 6e:26:19:f0:82:f4:68:1a:4d:72:97:cc:71:ac:c1:23:51:65: 82:9a:43:da:c9:99:a1:37:68:b7:20:b6:98:1f:2d:bb:82:35: 3f:2d:47:91:e0:ce:81:d1:29:9d:b6:9e:1d:eb:88:8d:30:27: 1d:be:2e:d6:2e:61:6b:c4:75:26:79:1c:24:79:2f:99:d0:d7: 3e:5c:97:3a:29:0c:b5:87:4f:10:09:16:af:a0:78:fd:a5:e9: 5f:fa:eb:11:03:cd:74:75:b9:8b:b7:70:f9:f4:6f:e6:8f:bd: c7:a9:1f:6a:c9:17:b3:b6:77:b6:d7:3f:55:e9:85:a3:fa:38: 12:b6:06:1f:5c:3c:ad:6f:8c:6f:d7:db:56:13:3e:95:6e:05: 1d:c5:24:b9:60:fc:de:8c:94:37:db:91:d0:62:42:7b:2f:25: 1f:ca:94:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvvAISdvo6ipopjSmfK5fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxMzQ5ZWIwZTdkYjY1MzZjYTc5ODI5NjFmZmFjOWIzMjkx NjVjNWYwHhcNMjUxMjA1MjMwMDM2WhcNMjUxMjA2MjMwMDM2WjAzMTEwLwYDVQQD Eyg4Y2Q2NGY0ZjZjZjc1NWQyOWM1Y2EyZjQ4OTA0OThhMTA0ZTJmMzRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTHs3+md0AdKn3SrRxDLPf+wpncM DlIQDegT4o35tTfG6jabVthZvm5Z0CUFzGRS+PmnZXPFkMqSPYHe5O5nL/x1OAC0 hL4hFxA3txmQjvgRIMUz2sWn3uFPpfms67wJNbjIPAg0Glxpyx6psG9WYjoS+7xv D+ntCRe+2WVu6N5iouzoeU3QHCN3YzT+pC7djRfzx/sWigdX25OCiopGm9cZe8dj CA73xTE12nLopbhB1ctWhNKl8V0zFf4S6Sp/ShN8gC0/uKwIUekrVBfy9HsfsK6J halHqsdSI4RXPOepyB1zrhvlq/tUMbROdmzq02xhgstQFHJcDNRgZbbNbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIzWT09s91XSnFyi9IkEmKEE4vNPMB8GA1UdIwQY MBaAFLE0nrDn22U2ynmClh/6ybMpFlxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYt N2EzMGJlNWNlY2MwLzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYtN2EzMGJlNWNlY2Mw LzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1Bm/mUnC gqkmSMLitVlmNq6sgGh/dcYoQiXbC7qklurWKIQDevXRt2Iw/o3WVQRJjgDIeQot 6ZA+ShZaOphNRXB0/hp3oBVva9Z+kuxChfLncv+Ku01zb+zVbiYZ8IL0aBpNcpfM cazBI1FlgppD2smZoTdotyC2mB8tu4I1Py1HkeDOgdEpnbaeHeuIjTAnHb4u1i5h a8R1JnkcJHkvmdDXPlyXOikMtYdPEAkWr6B4/aXpX/rrEQPNdHW5i7dw+fRv5o+9 x6kfaskXs7Z3ttc/VemFo/o4ErYGH1w8rW+Mb9fbVhM+lW4FHcUkuWD83oyUN9uR 0GJCey8lH8qUwg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:16 2025 by rpki-client